package com.zzhua.controller;

import com.zzhua.pojo.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.validation.constraints.NotBlank;
import java.io.Serializable;
import java.util.Map;

@Validated
@RestController
public class LoginController {

    @RequestMapping("login")
    public Object login(@NotBlank(message = "uname can't be blank") String uname,
                        @NotBlank(message = "pword can't be blank")String pword) {
        Subject subject = SecurityUtils.getSubject();
        subject.login(new UsernamePasswordToken(uname, pword));
        // 登录成功之后，返回sessionId给前端
        Serializable sessionId = subject.getSession().getId();
        return sessionId;
    }

    @RequestMapping("getCurrUser")
    public User getCurrUser() {
        Object principal = SecurityUtils.getSubject().getPrincipal();
        System.out.println(principal);
        return ((User) principal);
    }

}
